add the possibility, that a dissector writer can provide (usually non-trivial) display filters specific for the protocol in question (with an example in packet-dcerpc-pn-io.c), that will appear in the GUI
svn path=/trunk/; revision=22530
Fix compilation failures when building wireshark-0.99.6-SVN-21916 on an
x86_64-unknown-linux-gnu target with gcc version 4.1.2 20070403 (Red Hat
4.1.2-8).
The failures fall into two categories:
(1) Casts between pointers and 32-bit integers without an intermediary cast
via 'long' or 'unsigned long'. This results in a compiler warning complaining
about casts between a pointer and an integer of a different size.
(2) Passing values to "%lld" or similar printf-style format options that the
compiler thinks are a different size. Such values need to be cast to 'long
long' or 'unsigned long long'.
svn path=/trunk/; revision=21975
while this should improve performance by unmeasurably little it does have the sideeffect that once we finish the rewrite tcp analysis might actually work and work well even for tcp over tcp tunnelling.
this also means that if you include packet-tcp.h you also need to include emem.h .
svn path=/trunk/; revision=17681
drawing_area widgets. Instead of canoodling around with a global list
of graphs, simply associate a graph to its widgets using OBJECT_SET_DATA.
This should take care of Coverity CIDs 50 - 59.
Clean up whitespace.
svn path=/trunk/; revision=17554
This bug was discovered while looking at defects #130 and #131 discovered by coverity.
This patch also fixes these non-severe defects.
svn path=/trunk/; revision=17531
After investigating the time-sequence graphs (Stevens and tcptrace) produced
using an FTP capture file supplied by Eduardo Segura
(see http://www.ethereal.com/lists/ethereal-users/200512/msg00153.html )
I've identified several problems in tcp_trace.c.
The problems mostly involve incorrect determination of the lower/upper
sequence number bounds (for the Y axis) in certain cases (e.g. having to do
with 'partial' conversations).
I've reworked the '...get_bounds' code to handle cases such as:
1. out of order data segments (e.g.: the first segment in a captured
conversation has a higher sequence number than a later segment);
2. 'ack' sequence numbers for initial ack segments in a conversation lower
than the sequence numbers of the initial data segments;
3. maximum 'ack + win' sequence number in a conversation greater than the
max data sequence number;
4. Stevens graph: only use data segment sequence numbers when
determining bounds;
5. TCP RST packet without 'ack' flag: do not try to use the 'ack' seq num from
the packet in this case. (This was the specific cause of the originally reported
problem).
I've also reworked the tcptrace display code slightly to properly handle
the initial ack packet of a sequence;
As an example of the some of the fixes the Ethereal tcptrace style graph
of the following conversation fragment will now be similar to the graph
produced by Tcptrace.
data: seq 10000 len 100
data: seq 10100 len 200
ack: ack 5000 win 6000
ack: ack 5400 win 5600
svn path=/trunk/; revision=16874
directory to the epan directory. Some of them should perhaps ultimately
be moved to epan/dissectors, if they pertain only to stuff exported by a
particular dissector.
Fix Gerald's e-mail address in files we're moving.
svn path=/trunk/; revision=15844
generate columns; use cf_retap_packets instead of cf_redissect_packets()
when running taps (the general flow graph stat uses the Info column).
svn path=/trunk/; revision=15793
I've done more than a day to change the timestamp resolution from microseconds to nanoseconds. As I really don't want to loose those changes, I'm going to check in the changes I've done so far. Hopefully someone else will give me a helping hand with the things left ...
What's done: I've changed the timestamp resolution from usec to nsec in almost any place in the sources. I've changed parts of the implementation in nstime.s/.h and a lot of places elsewhere.
As I don't understand the editcap source (well, I'm maybe just too tired right now), hopefully someone else might be able to fix this soon.
Doing all those changes, we get native nanosecond timestamp resolution in Ethereal. After fixing all the remaining issues, I'll take a look how to display this in a convenient way...
As I've also changed the wiretap timestamp resolution from usec to nsec we might want to change the wiretap version number...
svn path=/trunk/; revision=15520
filter as an argument on the command line and have a dialog box to enter
the display filter through the GUI. Use it for all stats using
"gtk_tap_dfilter_dlg_cb()".
Add a top-level "stat_menu.h" file to declare "REGISTER_STAT_GROUP_E"
for the benefit of the declaration of "register_dfilter_stat()" in the
top-level "tap_dfilter_dlg.h". Rename the "stat_menu.h" in the gtk
directory to "gtk_stat_menu.h", so as not to have two headers with the
same name.
Get rid of headers not declaring any functions not being used in the
module.
svn path=/trunk/; revision=15493
- Add plugins_dlg.h
- Include .h files in their respective .c files
- Include .h and remove extern declarations in .c files
- set eol-style and keywords on gui_utils.[hc]
svn path=/trunk/; revision=15471
and "Statistics" menu items into "stat.h" and "stat.c", to separate them
from the core tapping APIs. A tap could conceivably not register as a
"-z" command-line argument or "Statistics" menu item, and a stat could
conceivably not be implemented as a tap, and dissectors that implement
tapping points don't need the UI-related stuff from "stat.h", they just
want the tap-related stuff in <epan/tap.h>.
svn path=/trunk/; revision=15427
cfile.current_frame to it separately.
Note that we shouldn't ever get a "Selected packet isn't a TCP segment"
error any more; we can now handle all link layers.
Give a little more detail in the message shown if there's *more than
one* TCP header in the packet.
svn path=/trunk/; revision=14895
Don't regenerate the packet list when generating the TCP stream graph -
it won't be changing; just redissect and run the tap.
svn path=/trunk/; revision=14894
tcp-graph has been modified to extract tcp data from a TAP instead of reading and parsing directly from the capture file.
This makes tcp graph work for any type of capture and for any transport.
In the future someone with access to captures with TCP over something over TCP
to add a dialog where the user can specify WHICH of the multiple TCP sessions to graph.
svn path=/trunk/; revision=14889
This includes: all functions in file.h now have a cf_ prefix, will have doxygen tags, will have the capture_file *cf as the first parameter and I tried to generalize the return values for non trivial functions.
Hopefully, I didn't introduced any new bugs, as I had to change a lot of files...
svn path=/trunk/; revision=13289
they have LF at the end of the line on UN*X and CR/LF on Windows;
hopefully this means that if a CR/LF version is checked in on Windows,
the CRs will be stripped so that they show up only when checked out on
Windows, not on UN*X.
svn path=/trunk/; revision=11400
changed window_xy (dialog) function calling in a lot of gtk files
cleanup of file selection code
cleanup in dlg_utils/file_dlg/ui_util
Please report any problems!!!
svn path=/trunk/; revision=11003
use window_new instead of dlg_window_new for the statistics windows
(as these are no dialog windows)
do some code cleanup
svn path=/trunk/; revision=10979
Put both capture filename and
x.x.x.x:x -> y.y.y.y:y
describing the tcp session we are currently graphing in the menu text
of the window.
svn path=/trunk/; revision=10249
